A massive ransomware cyberattack that has crippled Nevada’s state government since Sunday has resulted in some data being moved outside of the network by "malicious actors,” state officials said Wednesday.

State agency officials would not disclose the nature of the data that was taken outside the state network during the press conference in Carson City, and stressed that it is a “challenging and fluid situation.” 

“The process of analyzing the information to determine exactly what was taken is complex, methodical and time consuming. Speculation on the data that was affected before we have any definitive proof would be irresponsible,” said Tim Galluzi, the executive director of the Governor’s Technology Office.

Wednesday’s press conference — which included agency leaders and FBI agents —  was the first time that state officials spoke publicly about the attack, which occurred Sunday morning. 

Gov. Joe Lombardo’s office has provided periodic updates to the media about the outage and recovery throughout the week, but many unanswered questions remained, including details about the scope and cause of the attack, perpetrators and financial impacts. 

State officials answered questions following their prepared remarks during the press conference, but declined to provide technical details about the attack.

The attack has resulted in state websites and phone lines being down — some of which were still not functioning as of Wednesday afternoon — in addition to the closing of state offices throughout the week. State workers also did not work in-person on Monday and Tuesday, but the governor’s office said on Tuesday that certain state offices and employees would return for in-person operations later in the week.

The governor’s office has also stated that there was no known compromise of personal data, and that the incident has not affected state payroll.

“Should we determine that any sensitive personal information of our citizens was compromised, we are prepared to follow the appropriate steps,” Galluzi said.

Emergency services were also unaffected, according to the governor's office.

Richard Whitley, Department of Human Services director, said with several state electronic data entry services down as of now, his agency might see some delays in processing new clients but are trying to prevent any delays in the delivery of vital social services such as Supplemental Nutrition Assistance Program and other benefits. 

The attack took down the website and phone lines for the Nevada Gaming Control Board, but Chairman Mike Dreitzer told The Nevada Independent the agency is fully operational and found other ways to work around the issue.

Other agency leaders during the press conference provided details about the status of their operations and websites. Click here for a detailed list of how their operations have been affected, as well as how the public can access services.

Lombardo did not attend the press conference and, according to a post on X, he was attending the opening celebration of the Elko temple of The Church of Jesus Christ of Latter-day Saints.

He also was scheduled to attend a meet and greet event hosted by Elko Nevada GOP at 7 p.m. Wednesday to provide an update on education, housing and public safety as he prepares for his 2026 re-election campaign.

Chief of Staff Ryan Cherry, when asked about his absence, said Lombardo was aware of all information.

“We are regularly updating him, but this is an issue where we were bringing people together,” Cherry said. “He was not available to participate in person. So you have me as a representative of his office and all of his agency directors.”

When asked if the data breach was an isolated incident or it was connected to others nationwide, Tim Robb, homeland security adviser with the governor’s office, said the state was not at liberty to speculate due the nature of the ongoing investigation. There also was a security breach of Maryland Transit Administration Services this weekend, though it is unclear if the two events are related. 

There have been disruptions to some of the national databases used by law enforcement, though Robb declined to specify which ones and said the state is working on getting access to the databases as soon as possible. 

Robb emphasized the importance for Nevadans to protect themselves by making sure their passwords are complex, not reused across multiple systems and not shared with others. 

“Stay cyber aware. We spend a lot of our lives in the cyberworld, transacting very important components of our daily lives, whether that be banking or communicating,” Robb, who also outlined the significance of updating software. “Be educated and protect yourselves.” 

The Strip’s two largest casino operators, MGM Resorts International and Caesars Entertainment, were the subject of cyberattacks in 2023. The attack on MGM shut down much of the company’s operations on the Strip for several days, including taking the casino’s slot machines offline. 

The attacks each cost MGM and Caesars millions of dollars in lost revenue and damaged their reputation with customers and employees, many of whom had their personal data stolen in the attack. Caesars reportedly paid a multimillion-dollar ransom to the attackers.

Updated at 5:04 p.m. and 6:55 p.m. on 8/27/2025 to include the reason for Lombardo's absence, at 6:18 p.m. on 8/27/2025 to include additional details from governor's office press conference .

This story was updated at 6:55 p.m. on 8/27/2025 to include information about a question and answer session after the scheduled press conference.